kernel: latest-lts: enable CONFIG_SCSI_MPI3MR #312
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: All Kernels and Hooks | |
| on: | |
| #schedule: | |
| # # every day at 5am UTC | |
| # - cron: '0 5 * * *' | |
| workflow_dispatch: | |
| pull_request: | |
| push: | |
| env: # Global environment, passed to all jobs & all steps | |
| # Default to ghcr.io. quay.io was used previously, but requires manual creation for new images. | |
| REGISTRY: "ghcr.io" # or quay.io, determines which will be logged-in to; quay requires secrets. | |
| HOOK_KERNEL_OCI_BASE: "ghcr.io/${{ github.repository_owner }}/hook/kernel/hook-kernel" | |
| HOOK_LK_CONTAINERS_OCI_BASE: "ghcr.io/${{ github.repository_owner }}/hook/linuxkit/" | |
| # Apart from the quay/ghcr coordinates above (used for both pulling & pushing), we might also want to | |
| # log in to DockerHub (with a read-only token) so we aren't hit by rate limits when pulling the linuxkit pkgs. | |
| # To do so, set the secret DOCKERHUB_USERNAME and DOCKERHUB_PASSWORD in the repo secrets, and set the below to yes. | |
| LOGIN_TO_DOCKERHUB: "yes" | |
| HOOK_VERSION: "0.11.1-build-${{github.run_number}}" # Use a forced Hook version | |
| # Which flavors to build? space separated list, must match one of the TAG='s in flavors (this is used by matrix_prep job in gha-matrix command) | |
| CI_TAGS: "standard armbian-sbc armbian-uefi lts" # 'dev' is not included | |
| # GHA runner configuration. See bash/json-matrix.sh for more details. | |
| CI_RUNNERS_SELF_HOSTED_TAG: "none" # CNCF runners don't have the semi-standard 'self-hosted' tag | |
| CI_RUNNER_LK_CONTAINERS_ARM64: "ubuntu-24.04-arm" # lk containers are small and relatively quick to build | |
| CI_RUNNER_LK_CONTAINERS_AMD64: "ubuntu-latest" # lk containers are small and relatively quick to build | |
| CI_RUNNER_LK_ARM64: "ubuntu-24.04-arm" # Hook itself (linuxkit etc.) is small and relatively quick to build once we've the lk containers & kernel ready | |
| CI_RUNNER_LK_AMD64: "ubuntu-latest" # Hook itself (linuxkit etc.) is small and relatively quick to build once we've the lk containers & kernel ready | |
| CI_RUNNER_KERNEL_SOURCE_AMD64: "oracle-16cpu-64gb-x86-64" # Kernels that are built _from source_ benefit from beefy self-hosted CNCF runners | |
| CI_RUNNER_KERNEL_SOURCE_ARM64: "oracle-16cpu-64gb-arm64" # Kernels that are built _from source_ benefit from beefy self-hosted CNCF runners | |
| CI_RUNNER_KERNEL_EXTERNAL_AMD64: "ubuntu-latest" # kernels that pull binaries from elsewhere (eg Armbian) can be built on normal runners (CNCF runners are actually worse at this) | |
| CI_RUNNER_KERNEL_EXTERNAL_ARM64: "ubuntu-24.04-arm" # kernels that pull binaries from elsewhere (eg Armbian) can be built on normal runners (CNCF runners are actually worse at this) | |
| jobs: | |
| matrix_prep: | |
| name: "Prepare matrix JSON" | |
| runs-on: ubuntu-latest | |
| outputs: | |
| created: ${{ steps.date_prep.outputs.created }} # refer to as ${{needs.prepare.outputs.created}} | |
| kernels_json: ${{ steps.prepare-matrix.outputs.kernels_json }} | |
| lkcontainers_json: ${{ steps.prepare-matrix.outputs.lkcontainers_json }} | |
| lk_hooks_json: ${{ steps.prepare-matrix.outputs.lk_hooks_json }} | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v6 | |
| - name: Prepare release ID (current date) # This only used for the GitHub Release; not included in any way in the build process. | |
| id: date_prep | |
| run: echo "created=$(date -u +'%Y%m%d-%H%M')" >> "${GITHUB_OUTPUT}" | |
| - name: Run lint (shellcheck/shellfmt) # so fail fast in case of bash errors/warnings or unformatted code | |
| run: bash build.sh lint | |
| - name: Run the matrix JSON preparation bash script | |
| id: prepare-matrix | |
| run: bash build.sh gha-matrix DEBUG=yes # This sets the output "kernels_json" & "lkcontainers_json" & "lk_hooks_json" internally | |
| build-linuxkit-containers: | |
| needs: [ matrix_prep ] | |
| runs-on: "${{ matrix.runner }}" # "groups" are only for self-hosted setups! TODO: group should be determined by matrix code # the runner to use is determined by the 'gha-matrix' code | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| include: ${{ fromJSON(needs.matrix_prep.outputs.lkcontainers_json) }} | |
| name: "LinuxKit containers for ${{ matrix.docker_arch }} (on ${{ join(matrix.runner) }})" | |
| steps: | |
| - name: Checkout build repo | |
| uses: actions/checkout@v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-config-inline: | | |
| [registry."docker.io"] | |
| mirrors = ["mirror.gcr.io"] | |
| - name: Docker Login to quay.io | |
| if: ${{ env.REGISTRY == 'quay.io' && github.ref == 'refs/heads/main' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "quay.io", username: "${{ secrets.QUAY_USERNAME }}", password: "${{ secrets.QUAY_PASSWORD }}" } | |
| - name: Docker Login to GitHub Container Registry | |
| if: ${{ env.REGISTRY == 'ghcr.io' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "ghcr.io", username: "${{ github.repository_owner }}", password: "${{ secrets.GITHUB_TOKEN }}" } | |
| - name: Build and Push and Export LinuxKit containers for ${{matrix.docker_arch}} | |
| env: | |
| DOCKER_ARCH: "${{ matrix.docker_arch }}" | |
| DO_PUSH: "${{ github.ref == 'refs/heads/main' && 'yes' || 'no' }}" | |
| EXPORT_LK_CONTAINERS: "${{ github.ref != 'refs/heads/main' && 'yes' || 'no' }}" # Builds on PRs don't push images to a registry so they need to be passed on through GitHub Artifacts. | |
| EXPORT_LK_CONTAINERS_DIR: "${{ runner.temp }}" | |
| run: bash build.sh linuxkit-containers | |
| - name: Upload Linuxkit Docker images as GitHub Artifacts | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: linuxkit-images-${{ matrix.docker_arch }} | |
| path: ${{ runner.temp }}/*-${{ matrix.docker_arch }}.tar.gz | |
| retention-days: 1 | |
| build-kernels: | |
| needs: [ matrix_prep ] # depend on the previous job... | |
| runs-on: "${{ matrix.runner }}" # "groups" are only for self-hosted setups! TODO: group should be determined by matrix code # # the runner to use is determined by the 'gha-matrix' code | |
| strategy: | |
| fail-fast: false # let other jobs try to complete if one fails, kernels might take long, and they'd be skipped on the next run | |
| matrix: | |
| include: ${{ fromJSON(needs.matrix_prep.outputs.kernels_json) }} | |
| name: "Kernel ${{ matrix.kernel }} (on ${{ join(matrix.runner) }})" | |
| steps: | |
| - name: Checkout build repo | |
| uses: actions/checkout@v6 | |
| - name: Set up Docker Buildx # nb: no need for qemu here, kernels are cross-compiled, instead of the compilation being emulated | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-config-inline: | | |
| [registry."docker.io"] | |
| mirrors = ["mirror.gcr.io"] | |
| - name: Docker Login to quay.io | |
| if: ${{ env.REGISTRY == 'quay.io' && github.ref == 'refs/heads/main' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "quay.io", username: "${{ secrets.QUAY_USERNAME }}", password: "${{ secrets.QUAY_PASSWORD }}" } | |
| - name: Docker Login to GitHub Container Registry | |
| if: ${{ env.REGISTRY == 'ghcr.io' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "ghcr.io", username: "${{ github.repository_owner }}", password: "${{ secrets.GITHUB_TOKEN }}" } | |
| - name: Build and Push and Export Kernel ${{matrix.kernel}} (${{ matrix.arch }}) | |
| env: | |
| DO_PUSH: "${{ github.ref == 'refs/heads/main' && 'yes' || 'no' }}" | |
| EXPORT_KERNEL_IMAGE: "${{ github.ref != 'refs/heads/main' && 'yes' || 'no' }}" # Builds on PRs don't push images to a registry so they need to be passed on through GitHub Artifacts. | |
| EXPORT_KERNEL_IMAGE_DIR: "${{ runner.temp }}" | |
| run: bash build.sh build-kernel "${{ matrix.kernel }}" | |
| - name: Upload Kernel Docker images as GitHub Artifacts | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: kernel-images-${{ matrix.kernel }} | |
| path: ${{ runner.temp }}/hook-kernel-*.tar.gz | |
| retention-days: 1 | |
| build-hook-ensemble: | |
| needs: [ matrix_prep, build-linuxkit-containers, build-kernels ] # depend on the previous job... | |
| runs-on: "${{ matrix.runner }}" # "groups" are only for self-hosted setups! TODO: group should be determined by matrix code # # the runner to use is determined by the 'gha-matrix' code | |
| strategy: | |
| fail-fast: false # let other jobs try to complete if one fails | |
| matrix: | |
| include: ${{ fromJSON(needs.matrix_prep.outputs.lk_hooks_json) }} | |
| name: "Hook ${{ matrix.kernel }} (on ${{ join(matrix.runner) }})" | |
| steps: | |
| - name: Checkout build repo | |
| uses: actions/checkout@v6 | |
| - name: Set up Docker registry mirror # this is needed because linuxkit pulls images from dockerhub and we want to use a registry mirror to avoid rate limiting | |
| uses: docker/setup-docker-action@v4 | |
| with: | |
| daemon-config: | | |
| { | |
| "registry-mirrors": ["https://mirror.gcr.io"] | |
| } | |
| - name: Set up Docker Buildx # nb: no need for qemu here, kernels are cross-compiled, instead of the compilation being emulated | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-config-inline: | | |
| [registry."docker.io"] | |
| mirrors = ["mirror.gcr.io"] | |
| - name: Docker Login to DockerHub # read-only token, required to be able to pull all the linuxkit pkgs without getting rate limited. | |
| if: ${{ env.LOGIN_TO_DOCKERHUB == 'yes' && github.ref == 'refs/heads/main' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "docker.io", username: "${{ secrets.DOCKERHUB_USERNAME }}", password: "${{ secrets.DOCKERHUB_PASSWORD }}" } | |
| - name: Docker Login to quay.io | |
| if: ${{ env.REGISTRY == 'quay.io' && github.ref == 'refs/heads/main' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "quay.io", username: "${{ secrets.QUAY_USERNAME }}", password: "${{ secrets.QUAY_PASSWORD }}" } | |
| - name: Docker Login to GitHub Container Registry | |
| if: ${{ env.REGISTRY == 'ghcr.io' }} | |
| uses: docker/login-action@v3 | |
| with: { registry: "ghcr.io", username: "${{ github.repository_owner }}", password: "${{ secrets.GITHUB_TOKEN }}" } | |
| - name: GitHub Actions Cache for 'cache' dir | |
| uses: actions/cache@v5 | |
| if: ${{ matrix.gha_cache == 'yes' }} # effectively always yes: see gha_cache in bash/json-matrix.sh around line 84 | |
| with: | |
| path: cache | |
| key: "lk-cache-${{ matrix.docker_arch }}-${{ matrix.kernel }}-${{ hashFiles('linuxkit-templates/*') }}-${{ hashFiles('bash/**/*.sh') }}" | |
| restore-keys: | | |
| lk-cache-${{ matrix.docker_arch }}-${{ matrix.kernel }} | |
| lk-cache-${{ matrix.docker_arch }} | |
| save-always: true # always save the cache, even if build fails | |
| - name: Download Linuxkit artifacts | |
| uses: actions/download-artifact@v7 | |
| if: ${{ github.ref != 'refs/heads/main' }} | |
| with: | |
| name: linuxkit-images-${{ matrix.docker_arch }} | |
| path: ${{ runner.temp }} | |
| - name: Load Linuxkit Docker images into local Docker daemon | |
| if: ${{ github.ref != 'refs/heads/main' }} | |
| run: | | |
| ls "${{ runner.temp }}" | |
| imgs=$(ls "${{ runner.temp }}" | grep tar.gz | xargs) | |
| echo "Found hook images: ${imgs}" | |
| for img in ${imgs}; do | |
| echo "extracting and loading image: ${{ runner.temp }}/${img}" | |
| gunzip -d "${{ runner.temp }}/${img}" | |
| docker load --input "${{ runner.temp }}/${img%.*}" | |
| done | |
| docker images | |
| - name: Download Kernel artifacts | |
| uses: actions/download-artifact@v7 | |
| if: ${{ github.ref != 'refs/heads/main' }} | |
| with: | |
| name: kernel-images-${{ matrix.kernel }} | |
| path: ${{ runner.temp }} | |
| - name: Load Kernel Docker images into local Docker daemon | |
| if: ${{ github.ref != 'refs/heads/main' }} | |
| run: | | |
| ls "${{ runner.temp }}" | |
| imgs=$(ls "${{ runner.temp }}" | grep tar.gz | xargs) | |
| echo "Found kernel images: ${{ runner.temp }}/${imgs}" | |
| for img in ${imgs}; do | |
| echo "extracting and loading image: ${{ runner.temp }}/${img}" | |
| gunzip -d "${{ runner.temp }}/${img}" | |
| docker load --input "${{ runner.temp }}/${img%.*}" | |
| done | |
| docker images | |
| - name: "Build Hook with Kernel ${{matrix.kernel}} (${{ matrix.arch }}) - cache: ${{matrix.gha_cache}}" | |
| env: | |
| DO_BUILD_LK_CONTAINERS: "no" # already built them; this is only for hook/linuxkit. | |
| run: bash build.sh build "${{ matrix.kernel }}" | |
| - name: "Build Hook ISO with Kernel ${{matrix.kernel}} (${{ matrix.arch }}) - cache: ${{matrix.gha_cache}}" | |
| if: ${{ matrix.build_iso == 'yes' }} # Set via inventory.sh and SUPPORTS_ISO='yes' for each flavor | |
| env: | |
| DO_BUILD_LK_CONTAINERS: "no" # already built them; this is only for hook/linuxkit. | |
| run: bash build.sh build "${{ matrix.kernel }}" LINUXKIT_ISO=yes | |
| - name: Upload deb as artifact ${{ matrix.arch.name }} ${{ matrix.distro }} | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: "hook-tarball-${{ matrix.kernel }}" | |
| path: | | |
| out/*.tar.gz | |
| out/*.iso | |
| retention-days: 1 | |
| release-latest: | |
| name: Publish all Hooks to GitHub Releases | |
| needs: [ matrix_prep, build-hook-ensemble ] | |
| runs-on: ubuntu-latest | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Download built Hook artifacts | |
| uses: actions/download-artifact@v7 | |
| with: | |
| pattern: "hook-tarball-*" | |
| merge-multiple: true | |
| - name: Figure Out Commit Short ID | |
| id: commitid | |
| run: | | |
| echo ::set-output name=short::$(git rev-parse --short HEAD) | |
| - name: Delete Tag | |
| run: | | |
| git tag -d latest || echo "no local tag to delete" | |
| git push origin :latest -f || echo "no remote tag to delete" | |
| - name: Generate Release Notes | |
| run: | | |
| generated_release_notes=$(gh api 'repos/{owner}/{repo}/releases/generate-notes' -F tag_name=latest --jq .body) | |
| cat >>"$GITHUB_ENV" <<-EOF | |
| RELEASE_NOTES<<RELEASE_NOTES_EOF | |
| # :warning: :rotating_light: :boom: Note!!! :boom: :rotating_light: :warning: | |
| The uploaded files will be updated on the next merge to main, as such download them before use to avoid surprises. | |
| --- | |
| Commit: ${{steps.commitid.outputs.short}} | |
| --- | |
| $generated_release_notes | |
| RELEASE_NOTES_EOF | |
| EOF | |
| env: | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| - name: Update Tag | |
| uses: rickstaa/action-create-tag@v1 | |
| with: | |
| tag: latest | |
| message: "Latest development build" | |
| - name: Generate checksum | |
| uses: jmgilman/actions-generate-checksum@v1 | |
| with: | |
| method: sha512 | |
| patterns: | | |
| *.tar.gz | |
| *.iso | |
| - name: Update latest release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: Hook Latest Development Build | |
| body: ${{env.RELEASE_NOTES}} | |
| files: | | |
| *.tar.gz | |
| *.iso | |
| checksum.txt | |
| prerelease: true | |
| tag_name: latest | |
| draft: false | |
| release-tag: | |
| name: Publish all Hooks to GitHub Releases for a tag | |
| needs: [ matrix_prep, build-hook-ensemble ] | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Download built Hook artifacts | |
| uses: actions/download-artifact@v7 | |
| with: | |
| pattern: "hook-tarball-*" | |
| merge-multiple: true | |
| - name: Generate Release Notes | |
| run: | | |
| generated_release_notes=$(gh api 'repos/{owner}/{repo}/releases/generate-notes' -F tag_name=${{github.ref}} --jq .body) | |
| cat >>"$GITHUB_ENV" <<-EOF | |
| RELEASE_NOTES<<RELEASE_NOTES_EOF | |
| $generated_release_notes | |
| RELEASE_NOTES_EOF | |
| EOF | |
| env: | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
| - name: Generate checksum | |
| uses: jmgilman/actions-generate-checksum@v1 | |
| with: | |
| method: sha512 | |
| patterns: | | |
| *.tar.gz | |
| *.iso | |
| - name: Update tag release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: ${{github.ref}} | |
| body: ${{env.RELEASE_NOTES}} | |
| files: | | |
| *.tar.gz | |
| *.iso | |
| checksum.txt | |
| prerelease: true | |
| tag_name: ${{github.ref}} |